search

Exercise

We are going to view the difference between a secure connection an unsecured one.

hashtag
Telnet

First we need to open wireshark on computer A.

$ wireshark

  1. Now we need to start to get all the traffic of the network.

           **img**

  2. Write telnet as a filter, this mean that we are only looking all the stuff related with telnet. Then we need to press apply and look for the package. img

  3. On another terminal we need to create a telnet connection to the second computer.

    1. Get the ip of the computer B

$ ifconfig
$......

..
....

.....
        ii. On computer A we need to make the connection to computer B
$telnet x.x.x.x

  1. Once we finish to make the connection on computer A, we need to return to wireshark and look for the packages. We need to right click on any row of the capture and choose the option Follow TCP stream we can see the password transmitted through the network in plain text

    . The Follow TCP stream option "unites" the flow of individual packets in such a way that we can inspect them more comfortably.

hashtag
SSH

  1. We are going to create a filter so we can observe what is on the network at TCP 2990 port.

tcp.port == 2990

Choose again the option Follow TCP stream, we will see that the traffic is encrypted and the dump in ASCII of it does not contain data that allow us to identify or infer the password or keys used

img

PreviousSetupNextGDB

Last updated